Abstract: A method is described for merging security constraints associated with an application when using security annotations. The application comprises one or more servlets, such as a Java servlet. During application deployment, a list of role names is generated by merging static security constraints, for example, identified in a deployment descriptor, and in a static security annotation that defines a list containing the names of authorized roles for a servlet. Later, during application runtime in an application server, security constraints are retrieved from a plurality of sources, including both dynamic and static security annotations. Using the list of role names and the security constraints retrieved, a set of merged security constraints having a defined and proper order of precedence is generated. In particular, preferably one or more dynamic security annotations are first merged with one or more static security annotations to generate a set of runtime constraints.

Abstract: A method is described for merging security constraints associated with an application when using security annotations. The application comprises one or more servlets, such as a Java servlet. During application deployment, a list of role names is generated by merging static security constraints, for example, identified in a deployment descriptor, and in a static security annotation that defines a list containing the names of authorized roles for a servlet. Later, during application runtime in an application server, security constraints are retrieved from a plurality of sources, including both dynamic and static security annotations. Using the list of role names and the security constraints retrieved, a set of merged security constraints having a defined and proper order of precedence is generated. In particular, preferably one or more dynamic security annotations are first merged with one or more static security annotations to generate a set of runtime constraints.

Abstract: The present invention provides client and server identity validation in an asynchronous request dispatching environment with client-side aggregation. An application server receives an asynchronous include request from a client. A first unique identifier associating the client with the asynchronous include is generated and sent to a results server. A second unique identifier identifying the results server is generated and sent to the application server. Results of the asynchronous include are stored in the results server. The application server sends the first and second unique identifiers to the client, which polls the results server and sends the second unique identifier to the results server. The results server uses the second unique identifier to verify the identity of the client. The results server sends the first unique identifier to the client. The client uses the first unique identifier to validate the identity of the results server.

Abstract: A process for facilitating distribution of asynchronous content by a result server includes subscribing at least one client in response to subscription requests for the asynchronous content received at the result server from the at least one client. The process further includes publishing the asynchronous content. The publishing leads to dissemination of the asynchronous content from the result server to the subscribed clients, and removal of the asynchronous content from the result server. The process further includes receiving a subscription request from additional client(s). The process further includes polling the subscribed clients for the asynchronous content and sending the asynchronous content to the additional client(s) upon receipt of the asynchronous content from any client belonging to the subscribed clients.

Abstract: The ability to leverage a publish/subscribe functionality in an application server environment has allowed the storage of cached entries to be stored over multiple clients rather than on a single application server, freeing up valuable resources. However, in this arrangement it is not possible for the originating server to validate shared content originating from client-side storage. The present invention provides a system and method for securing and validating content from asynchronous include request by allowing a subscribing client to set trusted clients from which they will accept content.

Abstract: Process, apparatus and program product for processing a request at an application server are provided. The process includes initiating one or more asynchronous operations in response to the request received by the application server. The process further includes generating a response content that includes one or more placeholders. Thereafter, one or more placeholders mark a location of content corresponding to each of the one or more asynchronous operations. The process further includes aggregating content received from a completed asynchronous operation by filling the content in the corresponding placeholder. The process further includes sending a partial response content with content up to the first unfilled placeholder.

Abstract: A process for facilitating distribution of asynchronous content by a result server includes subscribing at least one client in response to subscription requests for the asynchronous content received at the result server from the at least one client. The process further includes publishing the asynchronous content. The publishing leads to dissemination of the asynchronous content from the result server to the subscribed clients, and removal of the asynchronous content from the result server. The process further includes receiving a subscription request from additional client(s). The process further includes polling the subscribed clients for the asynchronous content and sending the asynchronous content to the additional client(s) upon receipt of the asynchronous content from any client belonging to the subscribed clients.

Abstract: The present invention provides client and server identity validation in an asynchronous request dispatching environment with client-side aggregation. An application server receives an asynchronous include request from a client. A first unique identifier associating the client with the asynchronous include is generated and sent to a results server. A second unique identifier identifying the results server is generated and sent to the application server. Results of the asynchronous include are stored in the results server. The application server sends the first and second unique identifiers to the client, which polls the results server and sends the second unique identifier to the results server. The results server uses the second unique identifier to verify the identity of the client. The results server sends the first unique identifier to the client. The client uses the first unique identifier to validate the identity of the results server.